The security technologies and services market continues to grow as enterprises are challenged as never before in cyber space and invest significantly in protecting their assets and their customers from fraudulent activity. Conventional identity management (IdM) technologies that enterprises use to control user authentication and privileges are becoming more vulnerable to misuse as users access corporate resources from a wider variety of devices, connection types, and geographical locations.
Although enterprises may enforce strict use policies designed to minimize any chances of exposing user account credentials, human factors, technological weaknesses, and inevitable bugs in software and hardware components often allow attackers to obtain user account credentials and exploit them in fraudulent activities.
As an example, a phishing attack is one common attack scenario in which a company's employees receive credible looking emails asking them to click a certain link and perform a certain action requiring entering their username and password. After obtaining a user's password, the fraudulent site may redirect the user to a valid company site, such that the user may not even realize that his/her account credentials have just been stolen.
The only line of defense of current IdM systems against phishing attacks is to couple with a spam detecting software that screens all inbound and outbound emails and recognizes potential phishing emails. Unfortunately some phishing attacks disguise themselves so skillfully that they easily trick general-purpose spam-filtering software into allowing such emails as valid.
Another attack scenario example occurs when employees use weak and duplicate passwords for corporate systems and for other online services. Once attackers gain access to online services, which may have lower security standards, they use the obtained account credentials to access corporate systems. It is almost impossible to detect such password breaches with conventional IdM systems unless the attacker performs readily noticeable, disruptive actions such as resetting the password or using the compromised account in spamming or phishing campaigns.
Despite enterprises' use of sophisticated security solutions, including firewalls, anti-virus and anti-spyware suites, blacklists, spam filters, and so forth, there is a dangerously increasing number of attacks getting through the traditional security measures. Additionally, there are an increasing number of attacks due to the expanding range of opportunities for attackers created by the emerging Internet of Things, the abundance of mobile and wearable devices, and the shift to cloud computing.